Ever wondered how to control access to the various services in an Enterprise SOA without having your users keep long lists of passwords that they must remember for daily tasks? What are the industry's best practices for designing a flexible and secure solution? And how does your architecture still prove to be a solid approach in heterogeneous landscapes where consumers (e.g. a composite application) may have to call several services on different platforms within the organization and across its boundaries?
If you are planning or implementing an Enterprise SOA, I’m sure that you have been asked these types of questions many times. Session SIM207 (“Towards Interoperable SSO for Web Services”) at SAP TechEd in Las Vegas and Berlin will provide you with the answers. Administrators, architects or developers will learn how to solve the Single Sign-On (SSO) issue in heterogeneous landscapes based on industry-wide accepted standards supported by SAP NetWeaver and other platforms.
My colleague Stefanie Garcia-Laule and I invite you to take a 2-hour journey into the world of Enterprise SOA and Single Sign-On (SSO) that will cover the following topics:
- Standards-based SSO for Web Services
- New features for Web Services SSO in SAP NetWeaver
- Enterprise SOA SSO in practice
Figure 1: Heterogeneous ESOA security scenario demonstrated at TechEd 08 SIM207
We’ll start our session with an introduction to the fundamental concepts and technologies, but our main objective is to give you an early and practical insight into the upcoming features in SAP NetWeaver and how to use them for Web Services SSO in a real-world ESOA scenario. In an online demo (see figure 1 above), we’ll show how to build a service-based solution in a heterogeneous environment, with Microsoft .NET 3.0 and Excel serving as the frontend on the consumer side and an ABAP-based Web Service provider running on the SAP NetWeaver Application Server that requires strong authentication from any service consumer. To deliver on the promise of Single Sign-On in this scenario, the user will only have to authenticate once, at the initial Windows desktop logon, and the security session will be obtained across system and domain boundaries based on the SAML Token Profile standard, which provides interoperability between both platforms.
Please click here to download the complete source code archive of the demo scenario.